<?
define('IN_LC', true);
define('MM_ID', 0);

include_once('../validate.php');
include_once('../includes/comments.php');

$skin_dir = '../' . $skin_dir;

$done = false;

if(isset($_GET['safteycheck']) && $_GET['safteycheck'] && isset($_GET['id']) && is_numeric($_GET['id']) && isset($_GET['mode']))
{
	if($_GET['mode'] == 'edit')
	{
		$q = 'SELECT c.*, p.pf_drivername as co_posterName, t.pf_drivername as co_commentToName, 
					 date_format(co_date, "%M %e, %Y, %l:%i%p") as co_dateF 
			  FROM ' . DRIVERNAME_TABLE . ' p, ' . COMMENTS_TABLE . ' c
			  LEFT JOIN ' . DRIVERNAME_TABLE . ' t
			  ON co_commentTo = t.user_id
			  WHERE co_user = p.user_id AND co_id = ' . $_GET['id'];
			  
		$res = $db->sql_query($q);
		if ( $row = $db->sql_fetchrow($res)  )
		{
			$row = formatArrayOutput($row, true);
			$postedby = sprintf($lang['CommentEditTitle'], '<a href="drivers.php?id=' . 
						$row['co_id'] . '">' . $row['co_posterName'] . '</a>', $row['co_dateF']);
			if($row['co_commentTo'] == 0)
			{
				$messageOptions = '<option value="0" SELECTED>' . $lang['CommentAllDrivers'] . '</option>';
			}
			else
			{
				$messageOptions = '<option value="0">' . $lang['CommentAllDrivers'] . '</option><option value="' . 
									$row['co_commentTo'] . '" SELECTED>' . $row['co_commentToName'] . '</option>';
			}
			$message = $row['co_text'];
			$title = $row['co_title'];
			$id = 'comment' . $row['co_id'];
			
			$options = '<a href="javascript:saveComment(' . $row['co_id'] . ')">' . $lang['SaveButton'] . '<a/> | ' .
					 		'<a href="javascript:makeRequest(\'ajax/comments.php\', \'?id=' . 
							$row['co_id'] . '&mode=cancel\', \'' .  $id . '\')">' . $lang['CancelButton'] . 
							'</a> | <a href="javascript:makeRequestConfirm(\'ajax/comments.php\', \'?id=' . 
							$row['co_id'] . '&mode=delete\', \'' . $id . '\')">' . $lang['RemoveButton'] . '</a>';
			
			include $skin_dir . 'tpl/commentAjaxEdit.tpl';
			$done = true;
		}
	}
	else if($_GET['mode'] == 'delete')
	{
		$q = 'DELETE FROM ' . COMMENTS_TABLE . ' WHERE co_id = ' . $_GET['id'];
		$res = $db->sql_query($q);
		if($db->sql_affectedrows() > 0)
		{
			$done = true;
		}
	}
	else if($_GET['mode'] == 'cancel')
	{
		$done = renderComment("ID", $_GET['id'], true);
	}
	else if($_GET['mode'] == 'save' && isset($_SESSION['valid_id']) && isset($_SESSION['valid_driver']))
	{
		$edit = sprintf( $lang['CommentEditedBy'], $_SESSION['valid_driver'], $_SESSION['valid_id'], date("F j, Y, H:iA",time()));
		$q = "UPDATE " . COMMENTS_TABLE . "
		      SET co_title = '" . $_GET['commentTitle'] . "',
			      co_commentTo = " . $_GET['commentMessageTo'] . ",
				  co_text = '" . $_GET['commentMessage'] . "',
				  co_edited = CONCAT(co_edited, '" . $edit . "')
			  WHERE co_id = " . $_GET['id'];
		$db->sql_query($q);
		if($db->sql_affectedrows() > 0)
		{
			$done = renderComment("ID", $_GET['id'], true);
		}
	}
}

if(!$done)
{
	echo "#NO_SHOW"; //Tell output not to update
}

?>